CS155 Computer And Network Security

Question:

Here is a list:

Access to the building is controlled for everyone.


Controlled access to the lobby, conference and sales areas

This is a secure area for system developers

The data center will be housed in a very secure area.

Secure transfer between Dallas & Boston of archival data

Access to the Internet is available for employees

Answer:

Firewalls are systems, devices, and components that control and manage data flow between networks. These networks can have different trust levels, so they may permit, deny, or proxy data.

These firewalls are used to protect the internal and external networks, which include the internet. They can also be used to create different subnets within the organization’s network.

Firewalls are able to allow or block traffic, regardless of whether it is dynamic or static.

Theo (2016) states that static procedures require pre-configuration, while dynamic procedures require coordinated automation between intrusion detection systems and firewalls.

These rules include the rules for outgoing and incoming data, as well as changes in firewall configurations and continuing management (Robert & Gabi, 2016).

Please specify the type of firewall and architecture used.

It is necessary to have functional requirements, such as authentication details, baseline configurations, and access control.

List of ports and required services

Maintenance and management

Traffic monitoring

These procedures can be used for requests to bypass firewalls for certain protocols.

This is a control mechanism that allows or disallows access depending on analysis of traffic data.

Each event is monitored to identify unauthorized access and any threats that could lead to a violation of policy (Raymond, 2016).

This can be accomplished by reconfiguring firewalls or changing the security environment.

Intrusion detection systems should be located at locations where there are easy access routes to private networks.

Any host-based method for intrusion detection must be placed on any sensitive system.

Administrators must regularly examine the intrusion detection system logs and keep the features up-to-date (Timothy, 2016).

Penetration testing includes the evaluation of security and network through attack simulations.

Potential vulnerabilities can be identified by using attack simulation.

These issues should then be evaluated and a remedy plan developed.

Based on test objectives (Kuinam and Nikolai, 2016), the scope and procedure for testing should be considered.

Strategic and long-term recommendations

These are short-term and tactical recommendations.

Action plan for improving security data.

The organization’s risk terms are determined by the results of the test.

Technical report on data and system vulnerabilities

When changes are made or analyzed for risk, the frequency of testing must be determined (Todd 2016).

Antivirus and patches

Servers and workstations should have at least daily automatic updates of their antivirus software.

The system should be scanned regularly to ensure persistent protection.

The organization must prevent workstations from disabling local antivirus updates or software.

Automated cleaning capabilities are required for any virus infection.

The cleaning process can include the removal of the virus from the affected area, manual virus removal attempts, or complete reconfiguration and reinstallation.

Configuration must be performed on all operating systems within the organization, including those that have received latest updates and antivirus upgrades.

Configuration is performed using central configuration files that have identical policy groups (Denny, 2012).

Minimization and Isolation

The host system can be restricted to only one host, ensuring that there is no compromise to any system or service within the organization. This will also limit any potentially catastrophic impacts.

Protective defense would include consideration of data partitioning within different environments or domains.

Effective architecture allows for connection facilitation by managing interfaces and ensuring that they are protected from outside interference.

Users working in multiple security zones must be isolated, controlled, and monitored at both the internal and exterior boundaries.

Minimization refers to protocol, software, and service configurations. It involves disabling or uninstalling any potential threats (Jean, 2016).

Physical Measures

To be able to access the data within the organization, access must be controlled using processes that ensure user rights are documented in job and needs requirements before access is granted (The, 2016).

They will need a unique identification and access privileges that are tied to their job.

Access Provisioning

The company must be able to identify users quickly and maintain records that can be approved and granted administrator access.

Every new access to the system must be approved before it can be granted (Rao, 2015).

The role of the employee, or membership group, determines the user rights. Management is done by pre-authorized group members.

Contractors and vendors have access depending on their relationship to the organization.

Access approval can be granted by data custodians or system administrators.

If a user leaves or is terminated, privileged access must be revoked accordingly (Sean Philip, 2016).

This is the process of verifying identity using a database or system that uses credentials provided to the system.

Authentication allows confidential data storage, and access to the system’s accountable actions.

Passwords are the main method of authentication. However, token mechanism or biometrics can be used.

This approach is required after a risk assessment of system access.

Access to the system must follow proper procedures.

Any complex access requirement must be met.

Avoid the use of identical authentication methods at different organizational levels.

Sharing authentication identification is prohibited.

It is forbidden to use the same method of authentication over and over again.

It is easy to change your authentication method at any moment.

Clear guidance is provided regarding the handling of compromised or lost authentication identities.

All access accounts must be able to log out within a set time.

Another safeguard is to lock out accounts after multiple unsuccessful login attempts.

To secure an assigned entry, you need to limit the security.

Secure the assigned entry by using strong identification.

One could also consider using the different mechanisms of authentication to improve security.

Access credentials assigned to an individual must be secure from unauthorised personnel and modification.

End-user functions cannot be performed by the administrative accounts that have been installed.

Any documents or files that have any authentication information should be encrypted (David David, Bryan, 2016).

Reviews of entitlement.

Entitlement review is a periodic assessment of the actual entitlements to systems and data. It ensures that certain information is only available to those who have been assigned to specific job descriptions.

Also, it should be determined if all accounts have been activated. Additionally, the review should analyze and check the current state of the management authority.

Regular security reviews must be done, with frequency determined by assessment risk information.

Any change in user status must be reviewed. This includes transfer of individuals or assignment to different business levels (Eric, 2017).
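The entitlement review described above can be automated as a comparison between HR status, role baselines and actual account grants. The following is an added example, not part of the original essay; the role names, users and grants are constructed sample data.

```python
from dataclasses import dataclass

# Constructed sample data: role baselines, HR roster, and account grants.
ROLE_BASELINE = {
    "developer": {"source_repo", "build_server"},
    "sales": {"crm"},
    "dc_operator": {"datacenter_console", "backup_archive"},
}
HR_ROSTER = {
    "alice": ("developer", "active"),
    "bob": ("sales", "active"),
    "carol": ("dc_operator", "terminated"),
    "dave": ("sales", "active"),  # transferred from developer to sales
}
ACCOUNTS = {
    "alice": {"enabled": True, "grants": {"source_repo", "build_server"}},
    "bob": {"enabled": True, "grants": {"crm", "datacenter_console"}},
    "carol": {"enabled": True, "grants": {"datacenter_console"}},
    "dave": {"enabled": True, "grants": {"crm", "source_repo"}},
    "svc_tmp": {"enabled": True, "grants": {"backup_archive"}},
}

@dataclass(frozen=True)
class Finding:
    user: str
    issue: str
    detail: tuple

def review_entitlements(roster, accounts, baseline):
    """Compare enabled accounts against HR status and the role baseline."""
    findings = []
    for user, acct in sorted(accounts.items()):
        if not acct["enabled"]:
            continue
        grants = tuple(sorted(acct["grants"]))
        if user not in roster:
            # Account with no owner on the roster: nobody is accountable for it.
            findings.append(Finding(user, "orphan_account", grants))
            continue
        role, status = roster[user]
        if status != "active":
            # Leaver whose access was never revoked.
            findings.append(Finding(user, "not_revoked", grants))
            continue
        excess = acct["grants"] - baseline.get(role, set())
        if excess:
            # Grants beyond the current role, e.g. left over after a transfer.
            findings.append(Finding(user, "excess_privilege", tuple(sorted(excess))))
    return findings
```
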

Physical Access

Protective measures regarding policies and procedures limit access to sensitive documents or facilities from any unauthorised intrusion.

The safeguard also protects organizations from natural and environmental dangers.

By using zone-orientation, security risks related to physical risks can be mitigated. Information containing sensitive data can only be accessed in the designated zones.

Every zone must meet the high-security requirements. This is determined by risk assessment methods.

Visitors must have access to the zone. This includes visitor badges, access login, authorized personnel, and escorts.

In cases involving sensitive data, physical safeguards must be available at all times.

The power supply must also be protected by other physical safeguards.

If a fire breaks out, it is necessary to have fire suppression systems that can detect and suppress the fire and activate devices automatically.

To ensure that master valves function properly and are understood, the organization must have protection against water damage.

Administrative Measures

Administrators must use active monitoring and activity tracking for security purposes.

This will assist in the evaluation of policy compliance and detection of intrusion.

As well as facilitating support for the program’s effectiveness, it will also help with breaches.

With the increasing amount of sensitive data, the intensity of monitoring activity and active monitoring will increase.

Activity monitoring

It is important that databases and systems monitor and log any user activity.

The level of audit and the scope of analysis depend on the system or data. They must be expanded to address any potential increase in asset risk.

Logs should record logon and logoff times, the individuals who access sensitive data, and each access or change with its date and time stamp, as well as any failures or successes that could indicate security issues.

The administration can also analyze and review logs in order to determine if there is any suspicious activity.

Administrators must be able to implement a baseline logging level in each system and database activity of an organization.

In order to ensure security in the administration, a higher level of baseline control must be used.

A system that alerts the administration to unusual employee activities could be essential in order to protect the organization’s security.

It is important to regularly check all sensitive databases and systems to ensure the system’s logging function operates correctly and adheres to its intended standards.

Centralized management

One must have a central log management system in place to allow one to review and analyze company logs.

This central log management allows the management to make aggregates, provide reports, normalize, and respond to queries.

All log entries can be accessed from one location.

This allows for the easy identification of correlated events.
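A central log store normalizes entries from different systems so that related events can be matched. The following is an added example, not part of the original essay; the two log formats, host names and users are constructed, and the threshold and window are assumptions chosen for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed sample lines in two made-up formats (auth host and database audit).
AUTH_LOG = """\
2018-09-10T08:00:01 host=dal-auth user=jdoe action=logon result=failure
2018-09-10T08:00:09 host=dal-auth user=jdoe action=logon result=failure
2018-09-10T08:00:15 host=dal-auth user=jdoe action=logon result=failure
2018-09-10T08:00:40 host=dal-auth user=jdoe action=logon result=success
2018-09-10T08:05:00 host=bos-auth user=asmith action=logon result=success
"""
DB_AUDIT = """\
10/09/2018 08:02:11|jdoe|SELECT|archive.customer_records
10/09/2018 08:06:30|asmith|SELECT|archive.customer_records
"""

def normalize(auth_text, db_text):
    """Return one time-ordered list of (timestamp, user, event) tuples."""
    events = []
    for line in auth_text.splitlines():
        m = re.match(r"(\S+) host=\S+ user=(\S+) action=logon result=(\w+)", line)
        if m:
            ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%S")
            events.append((ts, m.group(2), "logon_" + m.group(3)))
    for line in db_text.splitlines():
        stamp, user, _verb, obj = line.split("|")
        ts = datetime.strptime(stamp, "%d/%m/%Y %H:%M:%S")
        events.append((ts, user, "data_access:" + obj))
    return sorted(events)

def correlate(events, threshold=3, window=timedelta(minutes=10)):
    """Flag sensitive-data access preceded by >= threshold failed logons in window."""
    alerts, failures = [], {}
    for ts, user, event in events:
        if event == "logon_failure":
            failures.setdefault(user, []).append(ts)
        elif event.startswith("data_access:"):
            recent = [f for f in failures.get(user, []) if ts - f <= window]
            if len(recent) >= threshold:
                alerts.append((user, event.split(":", 1)[1], ts.isoformat()))
    return alerts
```
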

Storage

The policies that govern the storage system of an organization should be established.

The storage policy is what controls overwriting and maintenance of any log event.

In the event of security-related incidents, this capability will allow for further investigation of data.

The auditing of the records’ storage capacity will be adequate, allowing audit configuration to reduce the risk of exceeding storage capacity (Jean, 2016).

Also, storage management will prevent the overwriting of log information. The audit logs will be retained for required periods of consistent time.

Retention policies and regulatory requirements will be legally recorded.

The ability to keep logs can also be added to secure storage. This will allow for analysis of log entries from the past.

This will allow you to identify any security situations that may have been similar to one currently in place (Denny, 2012).

Countermeasures

A security breach could occur because of individuals who might be there to make a financial gain or compromise the employees of an organization.

Security breaches could include:

Sabotage by former or current employees can cause security breaches in an organization. They may intend to misuse or exceed the authorization level to harm any group, organization, or person.

Fraudsters can be anyone who has the intention of tricking an organization into believing they are getting something.

This is often driven by the desire for more salary or to return payments from another party.

Neglecting to take care of something can result in compromise.

These security breaches can be caused by users who do not have the proper training or are unaware of the job requirements.

Users may fail to exercise care and share information with unauthorized personnel.

While these situations may not result in grievous events, it is possible to suffer losses if this happens frequently.

These incidents of security breach warrant some countermeasures in the security system, which include the following (Timothy, 2016).

If the responsibility is divided within a critical function of the organization, there are fewer chances for data access or misuse and thus less chance of individuals committing these offenses.

The risk of having multiple responsibility can be minimized by segregating them. This will prevent security breaches.

Duty rotation.

This works in the same way as duty segregation but reduces dependence on one staff person. It also increases detection for any violation of personnel policies.

Least Privilege.


Monitoring the system logs in a database can help detect unauthorized access.

Additional Risks to Be Covered

These are just a few of the additional risks that the security proposal must protect against after implementation.

This strategy helps to reduce any potential risk. It also prevents any vulnerability or exploitation of the system security.

This can be achieved through policy implementation, training staff and education about the security measures in place.

Further implementation of technical security safeguards is necessary to combat threats.

Transference control can be used to prevent risk shifting to assets or other groups.

This is solved by reviewing the service offering, revising models and outsourcing organizations, as well as the implementation of service agreements that are associated with providers.

Once the system has been implemented there must be preparation and planning to minimize vulnerability.

References

CWSP Certified Wireless Security Professional Study Book: Exam CWSP205.

San Jose: John Wiley & Sons.

Securing SQL Server, Protecting Your Database From Attackers.

Building a HIPAA-compliant Cybersecurity program: NIST 800-30, CSF and Apress to Secure Protected Health Information.

San Jose: Apress.

Information Security Foundation based ISO/IEC 27002 Courseware.

Privacy Compliance and Litigation, California: 2016 Update.

(2016). Information Science and Applications.

Wiley CIAexcel Exam Review 2016 Part 3, Internal Audit Knowledge Element.

Seattle: John Wiley & Sons.

IT Security Risk Control Management – An Audit Preparation plan.

New York City: The Press.

Chicago: John Wiley & Sons.

11th International Conference on Cyber Warfare and Security – ICCWS2016.

Los Angeles: Academic Conferences & Publishing Limited.

Guide to Mandatory Benefits Compliance 2016 W/Cd.

Houston: Wolters Kluwer Law & Business.

HCI International 2016 Toronto, ON Canada July 17-22 2016. Proceedings. Human Aspects Information Security Privacy and Trust: Fourth International Conference, HAS 2016.

Information security: Design, Implementation and Measurement.

Texas: CRC Press.

Information Security Governance Simplified – From the Boardroom up to the Keyboard.
